WORLD INTELLECTUAL PROPERTY ORGANIZATION 
International Bureau 




PCT 

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(51) International Patent Classification 6 : 
H04L 9/32 



Al 



(11) International Publication Number: WO 00/10288 

(43) International Publication Date: 24 February 2000 (24.02.00) 



(21) International Application Number: PCT/US997 17285 

(22) International Filing Date: 30 July 1999 (30.07.99) 



(30) Priority Data: 

09/133,875 
09/293,131 



14 August 1998 (14.08.98) US 
16 April 1999 (16.04.99) US 



(71) Applicant (for all designated Slates except US)i OMNIPOINT 

CORPORATION [US/US]; 3 Bethesda Metro Center, Suite 
400, Bethesda, MD 20814 (US). 

(72) Inventor; and 

(75) Inventor/Applicant (for US only): GIBBS, Benjamin, K. 
[GB/US]; 8910 Melbourne Drive, Colorado Springs, CO 
80920 (US). 

(74) Agent: LYON & LYON LLP; Hemminger, Steven, D„ Suite 
4700, 633 West Fifth Street, Los Angeles, CA 90071-2066 
(US). 



(81) Designated States: AE, AL, AM, AT, AU, AZ, BA, BB, BG, 
BR, BY, CA, CH, CN t CU, CZ, DE f DK. EE, ES. FI, GB, 
GD, GE, GH, GM, HR, HU, ED, IL, IN, IS, JP, KE, KG, 
KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MD, MG, MK, 
MN, MW, MX, NO, NZ, PL, PT, RO, RU, SD, SE, SG, SI, 
SK, SL, TJ, TM, TR, TT, UA. UG, US, UZ, VN, YU, ZA, 
ZW\ ARIPO patent (GH, GM, KE, LS, MW, SD, SL, SZ, 
UG, ZW), Eurasian patent (AM. AZ, BY, KG, KZ, MD, 
RU, TJ, TM), European patent (AT, BE, CH, CY, DE, DK, 
ES, FI, FR, GB, GR, IE, IT, LU, MC, NL, PT, SE), OAPI 
patent (BF, BJ, CF, CG, CI, CM, GA, GN, GW, ML, MR, 
NE, SN, TD, TG). 



Published 

With international search report 
With amended claims. 



(54) Title: APPARATUS AND METHOD FOR AN AUTHENTICATED ELECTRONIC USERID 




(57) Abstract 



A method and apparatus for an authenticated electronic userid (644) comprising an adapted digital signature (652) is provided. 
According to an aspect of the invention, the adapted digital signature (652) is generated using a secure hash function (620). In one 
embodiment, the result of the secure hash function (624) is further modified by selecting a word (656) from a word list (632) that 
corresponds to a value produced by the secure hash function (620). Inbound electronic messages are analyzed to verify that they comprise 
an authenticated electronic userid (644) having valid adapted digital signature (652). The verification involves re-computing the adapted 
digital signature (652) using remote user information (616) and an originator key (610). 



<WO 0010288A1_I_> 



FOR THE PURPOSES OF INFORMATION ONLY 
Codes used to identify States party to the PCT on the front pages of pamphlets, publishing international applications under the PCT. 



AL 


- - Albania ■ - 


ES 


■ Spain 


LS 


: Lesotho 


SI ; - 


."Slovenia 


AM 


Armenia 


FI 


Finland 


LT 


Lithuania 


SK 


Slovakia 


AT 


■ Austria - . 


FR ' 


France 


LU 


, Luxembourg • ; • 


» .SN 


Senegal-, *> 


AU 


Australia 


GA 


Gabon 


LV 


Latvia 


SZ 


Swaziland 


AZ 


. . Azerbaijan { 


GB 


United Kingdom - 


MC 


-Monaco 


TD 


\ Chad 


BA 


Bosnia and Herzegovina 


GE 


Georgia 


MD 


Republic of Moldova 


TG „ 


Togo 


BB 


Barbados 


GH 


Ghana 


MG 


Madagascar > 


TJ 


Tajikistan 


BE 


Belgium 


GN 


Guinea 


MK 


The former Yugoslav 


TM 


Turkmenistan 


BF 


- Burkina Faso 


GR 


Greece 




Republic of Macedonia - 


TR • 


Turkey 


BG 


Bulgaria 


HU 


Hungary 


ML 


•Mali 


TT 


Trinidad and Tobago 


BJ 


Benin 


IE 


Ireland 


MN > 


Mongolia 


UA 


* Ukraine 


BR 


Brazil 


IL 


Israel 


MR 


Mauritania 


UG 


Uganda 


BY 


Belarus 


.' IS 


Iceland 


MW 


Malawi 


US. 


United States of America 


CA 


Canada 


IT 


Italy 


MX 


Mexico 


uz 


Uzbekistan 


CF 


■ Central African Republic 


JP 


Japan 


NE 


Niger 


VN 


Viet Nam " 


CG 


Congo 


KE 


Kenya 


NL 


Netherlands 


vu 


Yugoslavia 


CH 


L . Switzerland 


KG 


Kyrgyzstan 


NO 


Norway 


zw 


Zimbabwe 


ci 


Cote d'lvoire 


KP 


Democratic People's 


NZ 


New Zealand 






CM 


Cameroon 




Republic of Korea 


PL 


Poland . 






CN 


China 


KR 


Republic of Korea 


PT 


Portugal 






CU 


Cuba 


KZ 


Kazakstan 


RO 


Romania 






CZ 


" Czech Republic 


LC 


Saint Lucia 


RU 


Russian Federation 






DB 


Germany 


U 


. Liechtenstein 


SD 


Sudan 






DK 


Denmark 


LK 


Sri Lanka 


SE 


Sweden 






EE 


Estonia 


LR 


Liberia 


SG 


Singapore 







BNSDOCID; <WO 00102B8A11 > 



WO 00/10288 



PCT/US99/17285 



1 

DESCRIPTION 

Apparatus And Method For An 
Authenticated Electronic Userid 

Field of the Invention 

5 The present invention relates electronic user identification, and more specifically, 

to an apparatus and method for creating and verifying an authenticated electronic userid. 

Background 

Electronic mail, or "e-mail" has become one of the most popular forms of point-to- 
point communication for people with access to the Internet. An e-mail system typically 

1 0 comprises a database server, a local area network (LAN) and/or a modem bank, and an 
internet gateway. A user, who communicates with others via e-mail, is typically given a 
user identification, or "userid", that permanently and uniquely identifies that user with the 
database server. The server typically has its own identity too, for example, the server is 
sometimes referred to as a host and the identity is called a "host name", or in some circles 

15 a "domain name." When a user desires to check their e-mail, the user logs onto the e-mail 
system and e-mail messages are displayed on a terminal device or personal computer. A 
great advantage of e-mail over traditional mail which accounts, in part, for its surge in 
popularity, is that messages can be delivered significantly faster, messages can be easily 
distributed to significantly more recipients, and it is, generally, less expensive for the user 

2,0 than regular mail, or "snail mail." 

Junk e-mail or unsolicited -'bulk* e-mail ("UBE"), referred to Hereafter as' "s£>am" 
has become* a significant problem. ' 'Users of electronic messaging applications are 
barraged with spam on a -daily basis by spammers (those; who create and send spam). ' 
Spammers usually advertise sham wares, services,- pyramid schemes, and, even worse, 

25 they send electronic viruses.- 

Spam has grown in popularity for a number of reasons. Primarily, it is a low cost 
and fast medium through which messages can be delivered. Further, the ease with which a 
■ spammer can harvest e-mail addresses, for example, from joke lists, newsgroups, web 
pages and cookies, provides a steadily expanding audience to which spam can be directed. 

30 Filters have been proposed and a few developed that attempt to reduce or eliminate 

spam from a user's mail host and/or e-mail client. 

One type of spam filter is a sender filter. The sender filter rejects all messages 
from an untrusted source, such as by way of an authorized or an unauthorized sender list. 
Inbound e-mail messages are simply rejected based upon the source of the message (e.g., 
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ti>e "from:" address of a messages header). 4 J^ftjp^problem with .the sender filter is that 
.the sender's identity is frequently spoofed as^th^ ^r^indom sender (which bypasses the 
' unauthorized sen dfr : A s ^ bypasses the 

authorized sender list) " ~ . - . j 

Another example of a spam filter is a context filter. A qq^^ jfflttey. examines a 

or phrases a spammer , is r lij^ £P h 'V>prk from 

^^-N^ &i? T $}$B ^^PpnJeprt filter5 M is r .fliat linguistic 

rules must be set.iip for a particular^ . Mpreover, language 

or r context alone is inherently imprecise. . Thiis ? , cont^. type, filters generally suffer from 
an over-inclusiveness problem r * meaning they . filter ippre messages, than -they should 
because legitimate messages occasionally match, the linguistic , rules . of 1jie context filter. 
Still pother appro^ 

Traditional encryption/decryption technology ./includes * the. use., of > shared 
encryption/decryption algorithms or keys (e.g., asymmetric or symmetric encryption). For 
example, in an asymmetric encryptipn^decryption/system, a. sender encrypts a message 
body using the intended , recipient's, public, key. t The recipient receives the .encrypted 
message and decrypts it, using her .private key. ; . A , problem with this, technique is that 
special equipment is required, by both the sender, and receivers- such as proprietary 
software, or hardware. t In. a symme^c. encryption solution,^ secret key is shared between 
the . sender and recipient. . A proble;n.,here is that the . shared _ key can easily be 
compromised. Moreover, , encryption/decryption .solutions .can be,. computationally 
expensive and difficult to manage as compared, to. the low value of most e-mail messages. 
Some encryption/decryption solutions, even require.. multiple. handshaking and/or a real- 
time connecti on. between the.sender and;receiver. ./ 

Thus, there is a need for a unique method and apparatus - for- authenticating 
electronic messages, that ; is. capable of controlling UBE and other forms of electronic 
messages that clutter communication applications such as electronic mail. Moreover, 
there is a need for a secure and trusted technique for identifying and filtering unauthorized 
electronic messages. 



Summary of the Inventions 

An apparatus and . method for creating and verifying an authenticated electronic 
userid is provided. According to one embodiment, an electronic message- system 
generates an authenticated electronic userid for a local user that comprises an adapted 
digital signature. The adapted digital signature, with other identifiers, provides temporary 
or restricted electronic.message privileges to a remote user. 



WO 00/1 0288 



'■PCT/tiS99/17285 




>- -According to one' emteodiftifeht, the adapted digital signature grants privileges to a 
: jparticulaf / remote 'user fti^sttdis^^'i single lbckl 'user on me* message system. However, 
-according^ grants privileges to a 

number of remote users from a particular host for access to one or more local 1 users on the 
message sj&effi. • 2? ^ R lo - : / : 

* ■<■■' J iri^ otie* eMbodimant/ a'^fofcess for creating* an /authenticated efe'etronic userid 

key 
with 

: r : ori^riatb^info^ ' J 

10 * * ^ ■ s in another embodimbfif, ;V"jsibcess for authenticating 'ah adapted ' digital signatiu-e 
"comprises the acts of extracting ' a local' userid arid remote ^ user ^ information from an 
--ihcoim^ userid to a list of local users; verifying 

"-" the adapted' digital sighatufe i^ v access to an electronic service if 

* • * the adapted digital si^&ture is vsttid;' 1 ' " ' ' * " ' ' ! ^ 

15 V - J : - ' . : " A method and' apparatus for ; dn" A adSpted digits 4 signature is also provided 
; : • * Accordinjg to an aspect of the present IriVehtioris, the adapted "digital signatures generated" 
1 using a digital signature" engine ahd ; an adaptatioh algbrithni. ' w " 
* - v ■ According' tcf one emboditheht; 'a method for cfeatirig ari'adapted digital signature 
:v 'i. comprises: retrieving an Originator key; tlief originator kby'corresporidirig to a local userid; 
2-0' * 'running "-a digital' signature erigine to bte&te'a digital Si§rikturfe, the digitaTsignature based 
:u 6n at least the originafor key and remote user i^ormatibn; retrieving a word from a word 
1 list; the word indexedtoat least a portion of the digital signature; and returning at least tKe 
word as' the adapted digital signature;- ' " - - °' - • • - ! < 

\ it . : According to another embodiment, a : method for verifying an '"adapted digital 
2 5 signature comprises: retrieving an ' origirfator "key based on a first portion of address 
information; -generating an adapted digital signature based on the originator key and a 
second portion of "the address information; comparing a third portion of the address 
information to the adapted digital signature; and accepting the electronic message if the 
third portion of the address information and the adapted digital signature match. 
30 According to another embodiment, an electronic message systern comprises: an 

authenticated message server configured to remove inbound electronic messages if an 
authenticated electronic userid cannot be verified; and a mail host coupled to the 
authenticated message server; and wherein the authenticated message server is configured 
to remove inbound electronic messages by performing the acts of: generating an adapted 
35' digital signature; comparing a portion of an inbound electronic message to the adapted 
— : digital signature; and rejecting the inbound electronic message if the portion of the 
inbound electronic message and the adapted digital signature do not match. 
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Brief Description of the Drawings 



. J^ 6 pr ^^^ way of 

limitation, in the figures of the accompanying drawings in which like reference numerals 
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refer to similar elements and in which: 



system 

"employing *an authenticated message server* *-v , f 

system 

employing an authenticated message server; c . : , i . , 0l .,\ ( ., ;ir j r 

10 message' server and authenticated electronic userid; 1 , 

. . ;^ r> ' F* G * 4 . de ? i ? t ? a , fu^otion^I r ^ia^^m Ulustra^ing, .of ( an alternative authenticated 

message server and authenticated electronic userid;- - . 

v*:. .'-L-- " \:: r -* ^ v. ; .. ■ 

, FJP- t 5 jis.a flow 

userid; .". . . . , 

1 5 , FI< ^ 6 d ?I?!. ct ; s an embodiment of an, adapted digital signature technique; 

FIG. 7 is a flowchart depicting the steps, for -verifying, an authenticated electronic 
" userii; and J *, . t - .,"->-> - 

FIG- 8 js a flowchart depicting the steps for verifying jp.an inbound -electronic 
message comprising an adapted digits , t , . . . : „ ^ r r . ; , : 

2 0 Detailed Description of the Preferred Embodiments - j ... ? . ( , 

FIG. 1 depicts an electronic messaging system 100 Recording to one embodiment 
of the present inventions. System 100 includes a server 108, coupled to. a terminal, unit or 
, personal computer 104, a router 112,, and an authenticated message server 116. The 
interconnection or coupling mechanism- between the various devices is preferably a fiber 

25 optic network cable, but it can also be a twisted pair,- or a wireless : interconnection. 
. According to one. embodiment, server 108 is a Sun Microsystems SPARC™ system 
running electronic message software such as Oracle - Corporation's InterOffice™ 
messaging server. Router 1 12 is a commercially available internet router such as a Cisco 
Systems 7500 Series router. . ' , • 

30 Authenticated message server 116 can run on a standard personal computer, such 

as an Intel Pentium™ based microprocessor system. However, authenticated message 
server 1 16 is alternatively part of the software component stack added to server 108. In 
such an embodiment, an application programming interface ("API") for the messaging 
server 108 is added which provides access to the authenticated message server services, 

35 such as the methods and techniques for generating and verifying authenticated electronic 
userids as described herein. In the broader spirit of the inventions, the system can be 
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highly distributed, wherein incoming and # outgomi^ess^eT'are handled by separate 

' servers o^computer systems r'bn*'^inferc6nnecie\i"ne^6rk i '(e\ , g^ a local area network or 
■' ' "LAN"-') ; " : '• s^-WS^c g\i :cnoy"2 sJ* ).c 1 ~ r '-' r>>. ..-or;::. «..: 

From the server 108, outgoing electronic' "messages to ""remote 'users' are typically 
5 - ijassetf : thrd^Sn TOtel^er gaiew¥y Airier/ swii T as"' rouier '"fe pouter 1 12 is preferably 
connected to the internet 1 20 via a Tl p-$e^e^ir'o^er"leasea line": Conversely/messages 
frora^m'e-mt^fhet'l^O 'id a : parn%Mf l&al 1^ ; asso^^<5'wiu^the server .108 will be 
passed through router 1 12. riy-nfz kj/rwe: zrtcoi:r-i.~*i:z r.>. ; 

. ..u- ;a fembtV'us'e^typicaliy -5e&3es$tf a t p^6^' f coi^^er/]such'''as > iaptop 132, which 
10 is also connected to a server 128l : Server i'28 : is; configured smiUar to' server 108,'but it can 
« '-'-also be 'a different Type of server; such 'ai a ; Digital Equipment Corporation VAX/VMS™ 
system. The server 128 is likely to' An' indifferent' messaging system^ "such as the 
•;• ' '•UniVeraty'oi'- Walsfiihg^bn'^'lHfetw meisag"mg l systeni. Similar : to router 11 2, router 124 is 
connected to server 128 and the internet 120. 
15 - In one embodiment, electronic mesiage system 100 further comprises a wireless 

^ • - shor^m^^^^ to SPilS gateway receives an #-mail 

message (preferably an authenticated message) from router 112 or authenticated message 
- o -J -'server- 116. The gateway 1 converts the e-mail into one or rpultiple' stort messages, 
typically of 160 characters in lengthr^d ;: forwards tfee short messages to an SMS center. 
20 In turn, the SMS center forwards the message over a wireless link (e.g.,. a wireless local 
loop) to a local user (e.g., here, r thd receiving device' ^an" b£ a~pager T *or a "cellular 
— telephone): ' A : ^rele5s' sho^message service 1 system is available "from Oinii^oint 
Corporation. - : > ' • !l "■ '* ; '• *: - ' '■' '"' 

■ : _ j FIG.^2 is an overview of air alternative electronic messaging "system 200 employing 
2$ > the invientions- described hferein! Internet 204 is a wide area network of interconnected 
; computers.' Connected to'ihternet 204 via V simple ; mail transfer protocol ("SMTP") 
connection is a mail exchanger 208. (SMTP is further described in publicly available 
">< Internet RFC 82 k) A mail exchanger, as used herein, is a server that transmits and 
receives electronic messages (e.g:, e-mail) via the internet 204. The mail exchanger 208 
30 resides in an internal network (e.g., a local area network). The mail exchanger 208 is the 
•designated sender and receiver of e-mail between the internal network and the internet. 
For load balancing purposes, more than one mail exchanger 208 may service an internal 
network. The designation of a mail exchanger, such as mail exchanger 208, is preferably 
: defined by a domain name server ("DNS") in a mail exchange record. 
35. Connected to mail exchange server 208, also via an SMTP, is authenticated 

message server 212. The authenticated message server 212 is configured to perform 
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functions associated with, the generation ,^d, authentication of authenticated electronic 
userids,'as is 'described WeiiL . . , 

Connected to authentipated message .server. ,2 1 2- via an ,SMTP. t link is a mail host 
. 216.. Mail.hast.2^ by a 

5 ^rrMaillio^ Because 
' mail 'host 2*1 6 'supports"' SMTP" find post office prQtocolJvieision.. 3^("POP3), it can be 
embodied in virtually any mail server software, such as Microsoft Exchange -Server and 
Lotus Notes. (POP3 is further described in publicly.,available Internet RFC 1939.) Thus, 
mail host 21.6 supports both inbound andoutbound electronic messaging. . 
1 0 Optionally connected to authenticated message, server 2 1 2 via ,a hyper text transfer 

protocol ("HTTP") link is ^ adrn^ 224. .(HTTP is . further described in 

^ publicly ' availabk j?45.) ^ji, , administrator . is „ able,, to configure the 

auifiehticated message server 212 via a web browser qr equivalent -device .thrpugh data 
exchanges via HTTP and the adn^nistration interface 224, . T , ; 

" 1"5 Users are able to connect to the mail host 216 yia a POP3<x>r an SMTP, connection 

by way of one or more user e-mail clients 220, Embodiments of e-mail clients include the 
• , Netscape Communicator, available from ; Netscape -Corporation in .Mountain View, 
California and the Microsoft Outlook client, available from .Microsoft Cqrporation in 
Redmond, Washington. .. v . . . : „ f 

20* FI<3. 3 d.epicts a functional overview of an authenticated message server 300. 

According to one embodiment, the authenticated message server 300 comprises - a digital 
signature engine 3 1 8 and an adaptation algorithm 320. 

According to a presently preferred embodiment,; a "local user "roger", who is using 
an electronic message system, such as one running on server ( 108 (identified by the host or 
25 domain name "domain.com"), composes and requests to- send a message to a remote user 
identified as "jenny@mailer.com". When local user "roger" requests to send the message 
to remote user "jenny@mailer.com", a portion of the message, in particular the remote 
userid 308 and the originator userid 304, is passed to a digital signature engine 318 for 
processing. Digital signature engine 318 can also store the local user's (e.g. roger's) 
30 private key, depicted in FIG. 3 as originator key 312. Alternatively, the local user's 
originator key 3 12 can be sent in addition to or separate from the request by the messaging 
system residing on server 108. Preferably, originator key 3 12 is a 256 bit value. 

Remote userid 308, originator userid 304 and originator key 3 12 are passed to one- 
way hash function 316 in digital signature engine 318. In the present case, remote userid 
35 308 is the value "jenny@mailer.com", originator userid 304 is the value "roger" and 
originator key 312 is the (partial) originator key for local user "roger", which has a value 
of "3CF0 40A9 ... 06E0 080116". One-way hash function 316 performs a computational 
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algorruirn on' uiputs SOLO'S and '3 12 to' generate a fix-length array of bits called a hash 

.. ....... «,. .... »iii-3<l t.d "l.r. -..'i r.: -1 - 



value, but referred to herein as a "digital signature " 3 19. 

•" 5 " '''Prefe'rabiyrthe 'olie^vvSjPI&sii Action ^l^'is'^e 'Message Digest 5, ("MD5") 
"function? -The ; '< - 



10 • 



. r ■ 



1-5 



r:: '" 



■'20 



;tionv - The MD5' function; rs 'described in RFC 1321, entitled "The. }4DS Message- 
Digest'Xlgoriairn^ by^- I^VelsfSnd wrtteiip ?§^'"S>wever, in^eYeml>pdfeiarts", the 
; comptrb&orr algorithm' a^^c^pltfon a^ondun mat prockkes' a variable length digital 

- - -'An^exa^ ?n ihcT present in vention is 

the data encfyjitiort ^goriMi c <ie^neW entitled 
"Data Encryption Aig6rit^^ U^ Ae,same inputs as were 

' used to- produce the hash'Value ate instead encrypted "with an authenticated message server 
7 public 'key or a local fisef's public key.* Note that when such an authenticated electronic 
userid is returned; if can either be decoded' with an" authentfcated' message server private 
key or a local user's private keyVor it'can - be recomputed using the authenticated message 
server public key to^ 1 " iu ' " ! " fc ' % 

-n. J i-r? 0nce r the digital signature 319 is cpmputed, the" digital signature 319 is passed on 
to adaptation algorithm 320. "Adaptation algorithm 320"fi^sforms 5 or maps, the digital 
signature 4 3 19' to *ah ^dcfeptable 'fdriri for ' transmission m a return e-mail address. 
Preferably, a base64 conversion is performed by adaptation algorithm 320, ^whereby .the 
conterminous 6 bit'sfcitigs df the "digitkl signature are mapped to ASCII characters as 



follows: 1; - 7 " ' " 






».i i < ." '. • ■ - 


oooooo -m looi 




i''.. :" ; : ' ' . - - ■ 


,011010-110011.,. 






110100-111101 






111110 


+ 




nun. 


/ • -:■ 



.. .- In one embodiment, the output of the adaptation algorithm 320 is an adapted 
25 digital signature 328. However, in another embodiment the functionality of the adaptation 
:r . - algorithm 320. is performed by. logic circuitry, or it is embedded into the particular 
. computational function (e.g., one-way hash function 316) directly. In still another 
.. embodiment, the digital signature 319 does not need to be transformed with a base64 
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. C ° nve 5 si °^ ra ^ er ' *? messaging system ^_|Pp. ^pporte . binary a^d ; ,qther digital formats. 
< • - M< ?TT^i" f ,?^^*^?^^^r^-S4Wed. rSisnature 328 in 
^ ^'^^K^^^SJ^^^ ^m^m^?^m.^mtemtt e-mail) 
^^^f:?^?^!^^M?^^9^yi ^.e,character.setjs;easily replicated 

^^PH* - ^fg<^ A e £fef ^»§WM««^ : lF^2pa^^^l^^^^i^-Btr>c»n which the 
authenticated : electronic userid 1350 can be typed j. . . . ., 

\ : ; , , !..Jfc e .ff^M^llfe^!^^ electronic 
" userid 350 for the^ ^^^.JSg^^i^ ^©te,usei; "jenny @matericpm;' i • Identifiers 

-c ^'viE^I %/P^f r ^^^ r ^?P b ? ls ( e .&* a periodv.an underscore, a hyphen, 
ap a^ersan^ ete.) are .conc^^twl to.-for^-^u^eB^cated electronic, userid 350. For 
example, the retum address 
"roger.SrTwIFa?^ IThe i authenticated , electronic , userid 350 will 

. "be the return/reply address, tQ iocal user, "roger," . . ~- .. .. • . •• :■ 

Assuming^ authorization, is; .- ..otherwise ; not ... granted .. to remote user 
;jenny(^maiier.com'', .then the only .way remotemser "jenny@mailer.com" camsend an 
electronic message to local, user. "rpg e ^ 

electronic userid ,350 v . Since local user, "roger", .controls^whether remote user 
"jenny@mailer.com" will receive an authenticated electronic .userid 350 .with which to 
.send him an electronic message, unsolicited electronic messages and/or unsolicited bulk e- 
mail from remote ; user "jenny@mailer.com" should not occur. . - ^ ; 

FIG. ^.^de^ic^ a.slightly^gdmed.functional .overview .of aujhenticatedrmessage 
, ser Y er 300 : here. identified as. authenticated, message -.sewer 400.- Again, the digital 
signature engine 418 is preferably embodied in the aumenticated message server. 400. It is 
n(?te ^. th ? t ^e,. ^Ptation algorithm 420 is different than the adaptation algorithm 320 
shown in FIG. 3, An improvement in the adaptation algorithm is described, below with 
reference to FIG. 6. Moreover, the authenticated electronic userid 450.is different from 
authenticated electronic -userid 350. Modifications, include the use of a plus sign "+" 
, delineator rather than a period between the local userid 424 and the adapted digital 
signature 428, . Significantly, the adapted digital signature 428 is no longer an 
unrememberable value, but rather a.rememberable value. 

Turning now to FIG. 5, it depicts a flowchart of the process of generating the 
authenticated electronic userid 350 shown in FIG. 3. In step 504, a request for an 
authenticated electronic userid 350 is received by- the authenticated message server 116. 
According to one embodiment, an outbound message, which comprises the request, is 
separated in step 508 and data from the "to:" and "from:" fields is extracted: Additionally, 
the originator key 312 is also separated, if it is included with the message, or it can be 
stored and retrieved from a table which is part of the authenticated message server 1 16. 
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' - -According to orfe ■'• v BnibbditoenV' , tfae outbound message also comprises pre- 
processing seexmty^evef*^ le^ u o^e^ receive. 
For exampie^a'-O^^^ electronic userid is required 
; for the me$<&gC ; &Kere as' a'^' i^ electronic userid is good 
5: for^^pereSriat^^^ A "2" 
indicates that the authenticated ^^tfolilc^ifeOTd J is* gobcT only %iTtheT remote user or 
'.i * ■ - m^age reeipientv afaTS^^^Hti^ for a preset 
- perioftW^^^^^ fiottfej'^ 3 ^ Intone em^pdinjpnt of an 
. . i ' Authenticated electroriiB usenc^ fli£ t: vali?e Ttffttf : kefftin'ty" level field is* retained as a portion 
rlO \ of kh€ "-'adapted-' digital J si^tdr^ 2l3 7 r iidentifying the 
- ; : security .le'vel v of the au&eriiiHated Vlectfonfc userid fcafr bemused* * 

/ ; '-: 1: -i : Data- 1 extract e'd 'in* the separating- step 508 s , tbjg'^th^r'ivith the originator lcey r 3 1 2 are 
hashed by the one-way hash function 316 J iri ktep' 51 i, preferably using an' MD5 hash 
- ' function, to genefateithe digital signature 3f9. Afte^step 512, the digital signature 319 is 7 
15 i ' ^converted at-^ The output 6f the base64 v ^ 

conversion ^gorithm : 'is thb r adapted digital si ghature 328/ The adapted digital signature ^ 
v 328 will^in'^art^graiitfhe renidte User "jenhy@niailer.com" privilege to reply or send a \ 
u' * : message fo ibc&l "-tiseif ^^rogear* 3 : • " - 1 : ■ • - ' ; / " '/ 

• : ' v -In step- 520; : the output' of the : ^adapWibn algorithm 320, that is,' adapted digital 
20 signature 328, the originator identifier 324 and the originator's host or 'domain "name 332 
are concateriated^ a single authenticated electronic userid (e.g" userid 356). According to 
; . one embodiment,'* the 7 fesult -is'- stored in ah authentication Tog file that can be* indexed^ 
i : ■ and/of ■■*Searched ? "fof J -matching strings and/or authorization levels in - the'* future. The 
. : advantage "of such a system Is that 1 the authenticated messalge server 116 can' track and 
25' .record incoming and' outgoing messages and privileges so that security breaches can be 
. tracked and 'fexanfined by an administrator. " fc ' 

: . i ; In «step 528;-' the authenticated electronic userid" 350 is returned to' the message 
. server* (e.g.* server 108). According -to one' embodiment thfe process is repeated for the 
.remote user specified in the "cc:" field.' When the message server (e.g. 108) sjpools out 
30 messages to the other remote users, the "from:" field will now contain a unique 
authenticated electronic userid for each of the other users ak well. Hbwever, in another 
:. * embodiment the identity of other remote users identified in the "to:" arid "cc:" fields are 
* recorded in an authentication log file so they can be matched with the appropriate inputs 
. . used when the authenticated electronic userid 350 was created. 
35 In another embodiment, the authenticated message server 116 supports explicit 

» requests for an authenticated electronic userid 350 without the need for sending a message 
: through the message server (e.g. server 108). Such a system can be employed where a 
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local user specifically reguests^ an auAentic^te4_electronic userid 3 50 or. :: desires to give 
such a userid to a remote user, p^aij^onOT^ list.) 

.: In f tead ..? f ^PS? 1 ^ ^cA^fM^Sj^?* ^JfeP^cated.elecj^ruG-ruserid 350, the 
•"" ,' autlienticaied; ^rver .1 1^ ^Xr^W^^^?RA^^v^\S>^m^ userid 350 

" 5 """ directly to the 'local user. h . " 

" " ' FIG". 4 oVaiso adaptation algorithm 320 shown in FIi^^ o Aio^j^ridjl|^ : 604- is shown 
. to i illustrate the relationship between local^userids^an4 0 qriginatpr.-Jseys - shown in 
originator key lisf .6 12.. .. .. ' .. . _ . . .. . ' 

1 ?. . , ... ^^fty&M. *,m^fy.P&fpne4. embqd^^^f^yrseven .originator, keys are 
used, each originator key_haying a.one-to^many relationship^with local useridsj6Q4. The 
.1 .. \% st character of local^userids ,604 determines whi ch. originator; key- ,is i associated; with it. 
. jwentyrsix keys are. reserved fpr letters A.-Z (ease insensitive), ten for numbers 0-9, and a 
miscellaneous key for characters not notching the first Airty-six -values. According to an 
15 alternative embodiment, t any number of originator keys, n,. can r be used, j In yet another 
' . . embodiment, a database can be maintained by the mail host,. 2 1 6- or the authenticated 
: ! ... message server 212 that identifies, local userids, and jfheir preferences (e.g., always reject 
messages having an invalid adapted digital signature). If each local userid is allowed one 

or more originator .keys, then the database can store Jhem., . .. • r 

?°. . Digital signature engine, ^l;?,- shown ^^h^.^ction 7 42a^l^e^ably- ^ t3^e MD5 

- ; . .faac? 011 ). combines^ local userid 608, "Alice",.with Alice's corresponding originator key 
, . . 6 }9 ^rernote ^er information 6.16. Remote user _mfoi^tion r includes at least, a domain 
name and can also include the remote userid. . The output of the digital signature engine 
.418 (shown here hash function 620) is a. digital signature (or "hash value" 624, as the case 
? 5 . . mav be )- ,Xhe digital signature is preferably a 128-bit .value. The adaptation algorithm 626 

then modifies the digital signature. „ . . . . . -, 

Adaptation algorithm 626 first performs a boolean function 628 on the hash value 
624. The extent to which the hash value 624 is modified depends on the size of a word list 
636. According to a presently preferred embodiment, the word list is 4096 words long (as 
30 used herein, "words" does not refer to a length of a value, rather it refers to the yalue itself 
- a word in the word list can be virtually any length), however, the word list 636: can be 
any length, m, depending on the degree of security desired (the more words, the greater 
the security). Since. 4096 words are in the word list, the extent of the modification is such 
that it yields a value that is equal to or greater than the number of words, m, in the word 
35 list 636. The boolean function 628 modifies the hash, value 624 into a 12-bit value 
referred to herein as a "modified digital signature", or more specifically a "modified hash 
value". In one embodiment, the boolean function 628 selects the first twelve bits as the 
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* modified hash value. In^dth^r leiftbodimeht, i&NDT or '6k functions 'can combine one or 
(V morepreset^^ 

. . V ' ^Tfietm^^ 628 is passed' to the adapted 

• digita-&gife^^^^ Higit^signa^re selector 632 includes ,the 
5 word list 636 and, optionally, a number generator 640. 'The .adapted* digital signature 

^seld&^ ^MiM fusing the modifiedJiash value 

r ■-■ * ^^ccSftiingSfe : o&e s eiM>Saiifae^t; 0 k ttfddufi^ irac&oij^ modf 
function or % operator) is applied to the modified hash value, the b£se being the number 
10 : bfw6M'sr-m/ : ^ ffihe J modulus function returns zero," then the adapted 

-digital' -signature sde r ct6F632 4 retrieves a Word corresponding \ to (i.e.*, indexed to) the 
"i ^ modified hash value:"' Hb^ve^rrf the rrfbdUlus ^ function retiihis a value other than zero, 
- ; ^ then the - adapted digital' kignature Elector 632 retrieves a word corresponding to the value 

" ; < vreturhed by the m^ <■ * 1 ' ' ^ ^ 

15 Forexample; if the inodifiecf hash value is v 3 arid there are 5 words in the woi-Hlist ; 

: 636, i: theh- word3 'is- the word s^fected^^ffi ( tlie' word list 636." f-towever, if the modified 
hasb value is-7 ahd^there ; are 5 words in the word* list* 636, then word? is the word selected 
: - fro*m the ttbrd list 6J6. - ' - ; >V ' b ' Al -' tr J - :: - - — 

The number generator i540 'generates k 6ialciilatea riumtier, a preset number (e.g s , 
20 identifying ^ status or mode 'for the adapted digitkl Signature 652), ? orany combination 

* " ■„ ;thfereof . Preferably , the number 7 generator 640' generates a number based on the remaining 
1 - 116 bits'from -the digital 'signature ~(or hash value 624); 'According to one embodiment, a 

>rf s ix- digit ASCII- mimlber'is generated^* The first digit corresponds to' the mode of the 
adapted digital 'signatuffe (e. gi; whith set of remote user information was used as an input 
25 to the dijgital' signature engine 4T8- : the remote user domain name, or the reniote userid 
and domain name). The subsequent five digits are based upon a bit pattern of the unused 
portion' of the hash value 624; For example, sixteen bits dif the 116 bits can be selected 
v • and a combination of those sixteen bits can be turned into the five digit number. 

- The value 660 generated 'by the number generator 640 is appended to the word 656 
30 selected from the word list 636 to form the adapted digital signature 652. The adapted 
• digital signature 652 is concatenated with a local userid 608 and a domain name 664 to 
*i form the authenticated electronic userid 644. A delineator (e.g., "+**) separates the local 
userid 608 from the adapted digital signature 652, while the at sign ("@") separates the 
' adapted digital signature 652 from ' the domain name 664. Of course, other delineators, 
35 . • such as the minus sign ("-"), the underscore ("_")» the period ("."), the equal sign ("=") or 
. ■'■ fixed length values can be used to delineate the address information. 
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^ If added security is : desirejji, then the ,wprd t U^ t ^3.6 r £an b^. bit 7 >vi§e barrel-shifted or 

otherwise scrambled so that the values ^n.the^^dt;. 1^:63 6 -cannot. be casually copied. 
Accordingly, -the scr^y^v^^^ .cpny^J.ed f>y t the, ^daptatiqn, algorithm 626 when 

the. word is needed,. or J^ x ]?^ digitd ; signattjre 652 to 

- - - ■ r 'i , . . FI 9* 7-. A?-* a B l a ^ tl ? e J^ Ga l?4 electronic 

. v r -jpserid 350 base^l pnj^me^g^ ^p^^a ^^o^ £ i£e|: no In,;^^ is 
v j>^sed fr^^ p^o.^ery^r ID^^d-isj -jtfeea r^eiyed^, : authenticated 

^ message, server 116.. Ir^ s^ep .708, l^fer : i^onna#pn^ as envelope information, 

^ ^ in-garticiji^.tiie remote user's domain name, 

the remote useri^d qlectronic, 4 use]fid^^ to 

y FIG. 3, the left side of in ( bflupd4ufl>enticated electronic userid 35.0, specifically -originator 
. r . identifier 324 "roger"),J 5. tested, in step 712 to.confirm that the ? user is, a valid local 
user on the messaging system 108. If the originator idpntjfier 324 does not identify a valid 
15 . local user, then the ^authenticated message, server 116 processing continues to step 736, 
which is explained, m further detail bejow.. If the identifier 324.contains avalid local user, 
: \ . then the jp>cess^ . T *;■*>.,■., : 4 - - - ;v 

v - . , In step 716, -the authenticated message server .11$ performs^, a lookup, on the 

. ... . ^originator key (e.g., key Sl^r^atedJo the^locaJ xiser T "rpger" Next, in step 720, a hash 

2.0 £ (or alternatively. a, data encryption ^gorithm) is performed on the locaLuser's originator 
r ^ . key. 312,. in cpmbination with the rempte user name (f.g. v "jerlny@mailer.com ,, ) 308 by 
the digital signature engine .318, In step 724, the, digital signature 319 returned by the 
, digital signature engine 318, at step, 720, is converted to ASCII characters by adaptation 
algorithm 320. The result of. -the, conversion (the adapted; -digital signature 328) is 
2 5 compared with the adapted digital signature of the inbound message (that is, the portion of 
the authenticated electronic userid 350 between the (period) and the "@" (at symbol)) 
in step 728. If a match is confirmed, then the authenticated message server 1 16 continues 
to step 732, where, the inbound message is accepted and passed on to the message server 
108. From here, the process terminates, since the local user "roger" can retrieve the 
3Q. . message from the message server 108. ....... 

. However* if a match is not verified in step. 728, or if the local user does not exist 
(step 712), then the message is rejected at step 736. According to one embodiment, the 
... . . remote -sender is notified of the rejection and the process ends. However, if tracking is 

desired, then information about the inbound message (i.e., remote userid, remote host, 
.35 date, time, etc.) is recorded in a failure log. file for examination by a system administrator 
at a later time. 
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... - f FlG. '8 depicts an &tertiative method f6r "processing m iriboiirici electronic message 
comprising^ Adapted ai^fsiiKa^e l 652^ L r - ^ 

;;r Iri^aict 804, an'intidufifil felectronit meSskge internet 204 at the 

- mail ' a excKanger 2'08r°*AcCor&^ electronic message 

5 comprises message header infomatiorf/sti^ Froiti"Jaddress and an 

- , 'SMTP :v k : ePT-T6 n atfcfr^^^ message ifefvet 2l:2"parses the "to:" 

•Ti^ld :: rr^eiver^ ^ihfofm^onp^oiff 1 ^ vfiSf&i ^itfbiSdlidfi r X&g*, tte "RCPT To" 
' : : : iriformMo^ SMTP^me^ssag^ej tV Identify' k lb&i^isMd 1 ^^ 
■ n ;v * digiiaF&kiiatraV be 
-10 'parsed mract r 8d8. s *Ne^ iI 'i!Df , ia£t l 'Sl!S I , a'test-iis ^ information to 

' 'determine whether^ ab-assdciaLted t ; k>cal usend Hg : protected' by"tHe authenticated message 
— ' server 21 2. K If the associated i'Sci&f u } sbB(l i^iiot protected; then in act J8 1 6^ the message is 
: * accepted any- passed tin 1 tfr-the mail host 216: if the' associated ^userid is protected, then 

processing continues f6abt r 820^ c * ::, - :;i * 1 J;:3 ^ ,Ckj ' f : — -^ :v: r . - . - * >> 

lb" V • t: Iif T act "820; ; 'tKe 'iautfieiiticated irfesisage' serve* 1 '212 'tests *th£' recfelvS: information 
: r „. . patsecl iri act r 8G8 tb^detemiirie ^whetlier ttier receiver infc^&tion an adapted 

digital signature 652. If the receiver information 'does riot IhBlttde ait 5 adapted digital 
- Vs: ;T signature 1 652,'' then in act 824 the message is conditionally accepted" but marked as 
unsigned. " Iii oiie eriibodimeht; if : & l local user or the 'adtaimstrator has Configured the 
2CK r authenticated message server 212 t'd reject ill iinsighed messages;" then a receipt log record 
J ° can be made recording itie* message header "'information and thie niefcsage can then be 
- r ' *• ; purged: However, ^-iri another embodiment, the administrator, or thfe' local user, may 
specify that xmsighed -messages rtrust be queued to a particular location for later manual 
-review! If the receiver information does include an adapted digital signature 652 then 
2 5 - processing continues to act 828\ ' : * ' ;j - ' ■ 

■ In afcf 828, a key - lookup* is performed. According to one embodiment, a key 
"lookup includes matching a local userid (e.g.yfrom the local userid list 604) with the local 
liseridin tHe authenticated electronic userid (that is, the portion of the userid before the 
' "+") and then- retrieving the 'corresponding originator key from the originator key list 612. 
30 In act 832, the remote user information 616, together with the retrieved originator key 

— ■ (e.g., originator key 610) and the local userid 608 are used to calculate a hash value 624 

- with the hash function 620. 

It is important to note that if mode information is contained with the inbound 
adapted digital signature, then the particular remote user information used by the hash 
35 " function 620 can vary. Thus, according to one embodiment, the first digit of the number 
660 will determine which remote user information to include as an input to the hash 
function 620. 
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..... ( ; , J? act 836, the adaptation ^Ujorithm 6££ adapts the hash value. 624 to form an 
adapted .digital signature 652 t te.g„ ^eiwprd 6^and,.number : 6,60). In act 840, the newly 
. created adapted digital sj^ature^is CQrnp^u^^^^^he^adapted . djgjtaljsignature in the 
. , ' .-, inl3 ? u ^ d n ^^ : ^j v |^;H 1 fe^^ c ! n -j ?T *?.^ wo ; ada R^. d igi t al .signatures match, 

5 ^ ^ r0< ^f sir ^ g , '™$rnfr? ^jfS'oiHSr* 8 '* i^e^o„adapted ,digital signatures do 
.. ; not match, then the hitoimd e-maij, 'mes^&j§ ! ffl%^-~.b&^ auAeaticated message 
server 212. . .. ' . . , , , 

, ., - ,., ,,. In ^ ct ,^ 8 .' the inbound e-mail mes§age is,, accepted, by. the authenticated -message 

■ , se jy5L?l 2 .^^Hed.as signed. Once the inbo.imd._ermail : . message Js.marked as signed, 

1 0 it can be passed .to the .mail -host 2J 6 for .access by the user e-mail client 220. 

, , „ . According to > one embod|ment, - fce i word. list 636- is- : not?configurable after set up of 
the authenticated message s?^er 212, .^ther* Ae.^ must be modified prior 

,, , to. ^ initialization x of the authenticate! message, server 2 12.. ^.However, if a post set up 
. : ^odifiable Word .list is desired, r then..a, substitution, list can. be maintained. According to 
15 one embodiment, the. substitution; li^t is a two field, multi-row table, configured to^ hold a 
first word and a second word in.each rovy.: A rempved word field (column) holds- the word 
, v *at was removed frorn .the word ..list 636. and; a new- word field, (column), holds the new 

.word substituted for the replaced word. . _ v .... „ fr , r , . -. . 
^ . . r Thus, When an inbound . e-mail, message is received at . the authenticated message 
> 20 ., . s? 1 ^^ 212 the^ authentication process can further involve testing the substitution; list tQ 
determine whether the word .656.. in the . adapted , digital signature 652 us a .word in the 
^ . removed word field of the substitution list. If the word 656 is in the- removed word field of 
the substitution list, then when the adaptation^ algorithm, is performed the word selected by 
the. adapted digital signature selectpr 632 from the word list 63-6, is. matched with a word in 
25 the new word field in the. substitution list. The_ word selected by the- adapted digital 
signature selectpr 632 from the word list 636 is then replaced with the word -in the 
replaced word field of the substitution list. . . 

According to one embodiment of the invention, the electronic message body is not 
accepted via the_ SMTP .process unless the authenticated message server 212 verifies the 
30 adapted digital signature. Such an embodiment saves bandwidth. However, according to 
an alternative embodiment, the authenticated message server 212 verifies , the adapted 
digital signature after the message body is (conditionally) accepted. < 

. In still another embodiment, the. functionality of the mail exchanger 208 can be 
incorporated into the authenticated message server 212. 
35 According to one embodiment, the steps for generating and verifying an 

authenticated electronic userid are, performed by a computer program functioning as a 
stand-alone server, or in an add-on software component in a message server. In one 
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- embodiment!/ the instructidfis fof perfoTitiing the me&o'ds and! techniques described herein 
(the computer ^programp^^^dfea ' &fi 'eL^com^ as an 
electromagnetic storage de^l^e'^g.r' a floppy aisk^a'm^^^ or 
other perSikehf ^n^bi^devite)^ Vr ^ : 'tf^ff2a^^^ a CD-ROM). 

: 5 GerM^ of 
ihitm^ms iare c»£ieS&^ m^ira\e|i the ^d-disk 

drive) to a volatile source (e.g., random access memory) and are executed firdm the volatile 

• : * cbh^K^feridabfe 1 m^<fi^?°¥bf [ i^^seg yf f Bx|)lanafion; tfe me&o°(fe/and techniques 

described 1 herein were ^atithe^icafedm 
10 the actual fmctiohality is'perfato^cl, that is bh Which £iece bf hardware,' is not important 

- : fof puipbses ; bf fliis : deiscriptron. For example;' §&Ver 108 can be configured to perform the 
■ ." ' functionality of both a message server andah authenticated mbssage server." 

•' - - ■ ■ - The present inventions 'are particularly HiSefur' as' a spam ' (of junk e : mail) filter. 
• 1 " Advantages- bf the * present inveritiori include ; that ft integrates into existing " electronic 
15 < messaging -Infrastructure (£g;, SffiTP and ^01*3" gy^tfems) without requiring addi?ibnal 
- ' ■ -Hardware br software- by both the sender ^d r Yecieiver. Thefe is no 'need to T Share 
proprietary 1 ericr^tioitf decryption algorithms 'or keys between a message sender^and 
recipient as in traditional symmetric or asymirietrib ' ^^ption/ algorithms Further, it 

• L • - greatly - : reduces the ' chance of spoofing : by a * spammfel by verifying ' the recipient 
20 r > information without requiring a handshake^or re^-time : connectibh between a sender and a 
"Ji- - recipient." Finely Vthe^ linguistic or cbntent- 

- basejd v rules Tor : filtering sp^rii. : kather, the' Wention' tan be realized without refereifle to 
:* the-content "of the inbound message body. * 1 '^m.-j . . _ 

• In flic* foregoing- specification; the inventions have been described with reference to 
25 r i ' specific embodiments thereof. It will be evident, hbwever/that various modifications arid' 
: changes can : be made thereto 1 without departing from the broader spirit'anci scope of the 
invention. For example, larger or smaller originator keys (e.g., 48 or 128 bit originator 
keys) can be used. Further, the adapted* digital signature can be truncated in order to not 
exceed the boundaries of the address field in ah electronic message. Further still the 
30 .. authenticated message server functionality can be incorporated into the message server 
- \ (e.g. server 108) rather than in a stand-alone device. In still another embodiment, part of 
the authenticated message server functionality (e.g., generating an authenticated electronic 
userid)' can be performed in a client application running on the local user's computer, 
rather than passing the function on to the message server or authenticated message server. 
35 .In yet another embodiment, the authenticated electronic userid is created by a smartcard 
coupled to the local user's computer, or a smartcard connected to a user's wireless 
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telephone. The specification and drawings are, accordingly, to be regarded 
illustrative, rather than a restrictive sense. 



in an 
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<•< 'Claims ' '* : " " r ^ '"" ' '* K ~'' :t 

What is claimed is: 

1 . A method for verifying an authenticated electronic userid comprising: 
receiving an electronic message from a remote user; 

5 extracting an originator identifier and a first adapted digital signature from 

said electronic message; 

retrieving an originator key based on said originator identifier, said 
originator key not being shared with said remote user; 

generating a second adapted digital signature, said second adapted digital 
1 0 - signature based on at least said local userid and said originator key; 

comparing said first adapted digital signature to said second adapted digital 

signature; 

accepting said electronic message from said remote user if said^first 
adapted digital signature and said second adapted digital signature match; and 
15 rejecting said electronic message from said remote user if said first adapted 

digital signature and said second adapted digital signature do not match. 

2. The method of claim 1, wherein said act of generating said second adapted 
digital signature comprises: 

hashing said originator key and a local userid with one or more other 

2 0 identifiers to form a digital signature; and 

converting said digital signature from a first digital format into a second 
digital format, said digital signature in said second digital format being said second 
adapted digital signature. 

3. The method of claim 1, wherein said act of generating said second adapted 
25 digital signature comprises: 

performing an encryption function using said originator key and a local 
userid with one or more other identifiers to form a digital signature; and 

converting said digital signature from a first digital format into a second 
digital format, said digital signature in said second digital format being said second 

3 0 adapted digital signature. 

4. The method of claim 1, wherein said second adapted digital signature is 
further based on at least a portion of remote user information. 
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5. The metiiod of claim 1, further comprijsjng: ... - r 
■ ■■ ' • " ' ^mp^^^d ori||nat<>r ; id^f^^ a. l|rt.of local. iisers; and , ,. 

, ' . . " 'V rge^n^ said electronic me?sage G is D ^ajd,9rigii^tpr identifier is not found 
in said list of local' users. 



. , , f : :.. ,, A J^*?.^ for ,p r ,^n^ m auApn^ comprising: 
t . ' ,^2**™$ a s r^uestJfor^d 7 ai^c^ct^^^ electronic userid; , v 
l . . ."■ . retrieving an originator key, jsajd~originator key. corresponding to a local 
usehd; " " , 



^ r ; , gene^tingan adapted digital si^atip*,^ based 

oh s^d originator key,, said . 

. . .," c ?? c . at ^ a ^g. , sai( *. adapted, digital .signature with at leasts an originator 
identifier; and . . . . ^ . . _ r . f 

returning a result of said act of concatenating as said authenticated 
electronic userid. '■.',■■,,/- 

. . 7 - ... - The method pf claim 6, wherein said, act of generating said adapted digital 
signature comprises: J \ : , , v . .. :: . . - . 

hashing said originator key, said^ local userid,, and one or more other 
identifiers id form a digital, signature; and . . tr . . ;: - _„ . : 

converting said digital signature from a first digita^format into a second 
digital format, said digital signature in said second digital format being said adapted 
digital signature. 



. .1 . 



8. The method of claim 6, wherein .said, act of generating said second adapted 
digital signature comprises: 

performing an encryption function using said originator key, said local 
userid, arid one or more other identifiers, to form a digital, signature; and 

converting said digital signature from a first digital format, into a second 
digital format, said digital signature in said second digital format being said second 
adapted digital signature. . 

9.. The method of claim 6, , wherein said second adapted digital signature is 
further based on at least a portion of remote user information. . 



10. 



An electronic message system comprising: „ 

a computer configured to run an electronic message server application; 
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a router colipied to said computer, said router configured to forward a first 
elective- mess^ comprising a first 

authenticate router J ^ receive a second 

electromc message from a remote user, said second electronic message comprising a 
second authenticated electronic userid; and 

v., - ..j ' J tf-comp\itef program stored in la memory device coupled to said computer, 

said coniiiulfe!r *$ogr&rti to generate said first 

authentJc^^ first electronic userid 



having an adapted digital signature and an originator identifier, and said computer 
• 1 0 : -prograni £ further ' cbnfigitfecP i£ l 't^ose 1 computer \ to reject said secpnd electronic 
message if slaid computer -carihoV re-gerierafe Vaid adapted digital signature from envelope 
. informatidn associated said 'second electronic message and match said re-generated 
adapted digital signature with a portion of said second authenticated electronic userid. 

11. The electronic message system of claim 10, wherein said computer 
1 5 program is further configured to generate said adapted digital signature by: 

- v : J v • * ' ^hashing an Oliginatdr key; a local userid, and one or more other identifiers 
to form a digital signature; and ✓ * M 

' 1 : - ' converting feaid ' digital signature from a first" digital format into a second 

digital format, said digital signature in said second / digital" format being said adapted 
-20 digital signatire^ " r * -j.l:.. > • — 

12. The electronic message system of claim 10, wherein said computer 
program is further configured to: 

\ - 1 - ; extract an originator "identifier from said* envelope information associated 

with said second electronic message; 
25 ^ « compare said originator identifier to a list of local users; and 

reject said second electronic message if said' originator identifier does not 
• ' match a local userid in said list of local iisers. ' 

13. An authenticated message server configured to create and verify an 
authenticated electronic userid, 

30 wherein creating said authenticated electronic userid comprises: 

receiving a request for said authenticated electronic userid; 
retrieving an originator key, said originator key corresponding to a local 

userid; 
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. '. ( . . gena^tinp^ .a first adapted digj^l signature, said first adapted digital 
sjgnarure jjased on said.^ more , other identifiers; 

concatenating said first adapted digital signatoe.y^&.at : least>an originator 

identifier; and 

5 . . . ^returning a result of_said..^tep. of, .concatenating- as said authenticated 
electronic userid: and 

wherein verifying said authenticated electronic userid comprises: 

, _ receiving an r electronic, mes^ge JErom f , a, ^remote- user,- said electronic 

message comprising said authenticate^ electronic userid; _ ; - . , - - .,r ^ . 
10 extracting said originator identifier and first adapted digital signature from 

said authenticated electronic userid; ,;>~ r ..-* . 

retrieving said o ; riginatpr key ; based f on ?ai4 priginator identifier; 
generating a second adapted digital signage,- said second adapted digital 
signature based on at least said local userid and said, originator key;, .: - . 
15 comparing said fi.rst adapted digital signature to said second adapted digital 

signature; _ . : 

accepting said electronic message from said second remote user if, said first 
adapted digital signature and said second adapted digital signature match; and 

rej acting said electronic.message from said remote user if said first adapted 
2 0 digital signature and, said second adapted. digital signature do not match. 

14. ^ "The authenticated^ message server ..of. claim; ,!3 5 : wherein said -acts of 
generating said first adapted digital signature and said second adapted digital ..signature 
comprise: _ . . _ ; , %i . , ■ , . . 5 . . 

hashing. said originator key, said local, -userid, and one or more other 
25 identifiers to. form a digital signature; and 

converting said digital signature from a first digital format into a second 
digital format, said digital signature in said second digital format being said adapted 
digital signature. : ■ : - 

15. The authenticated message server of claim 13, wherein said act of 
30 generating said first adapted digital signature and said second adapted digital signature 

comprises: 

performing an encryption function using said originator key, said local 
userid, and one or more other identifiers to form a digital signature; and 
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o r 6onverting J sai3 dtgitai signature from a .flbf digital format into a second 

■ - digital' Foiffiat, said di£^ second 
' adapteddigitai'si^ture:^ bj " : ~ iiail bi * z i^ 11 ^-' v, ' : 

4$* ^'TWeauMentic^ 

5 other identifiers include remote user information. ' : ' '~ : 

* h^xTico hit*?.. ■ - h:yx. y*h bslfniinstUx? hi*-:* ^r.uv t .r: i : M ;;;^^-( v ■ 

„,••..*. 17/*^ trieisigc server of cl^m r l*>, wfierein said one or more 

other identifiers include relate ^b^^ * llJli " "' tJ - : ->.w... .,-.«c-...>.- 

1 8. The authenticated message servef of claim T3* 9 wherein said act o:f verifying 
said authenticated electronic us^Hd ftirther comprises: ' " " - ' ' ' ' 
10'* - :H : extracting ' said brigirtator -identifier from' said envelope information 

associated with s^id^lectrbnib mfessa^ j 1 ' * ' ' ' - ' 

:r ^ f - ' - 'comparing said originatbr identifier to a list of local users; and it 

rejecting said electronic message if said originator identifier does iiot match 
... ^a pirticilaf lo&l userid : in ; said list of l&^users. ^ 

15 .or r 19. 

f! -fec^ivihg'ah electronic message from a remote user; 
generating an adapted digital signature based on an originator identifier-and 
^ ' remote user 1 information^frbm said electronic message and an originator' key, said act of 
r generating comprising: : - • i ; ' : ' 1lt " : - ; - ' " "° ** ~ 

20 hashing a local userid associated with said originator identifier,' said remote 

user information and : said originator key to form a digital signature; 

transforming said digital signature from "a first digital format to a second 
digital' format; and 1 - * J - • 

returning- said digital signature in said second digital format as said adapted 
25 digital signature; , . 

comparing said adapted digital signature to a portion of said electronic 
• -'-•message;* - 

: ;7 accepting said electronic message if said adapted digital signature arid said 

portion of said electronic message match; and 
30 • • rejecting said electronic message if said adapted digital signature and said 

portion of said electronic message do not match. 
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. ^9: : , J 1 * 1 n^* 0 *? p^cla^ : 1.9,-whereig said electronic .message is a reply to a 
/ ' f lTS * electroiiic^ message. sem frqm a local, useri^s^ comprising 
said originator identifier, and wherein said portion of said -electronic message compared to 
said adapted digital signature being generated by acts associated with said local userid. 

5 21 • The method of claiia2p ?: .^ 

comprise: ... . ~. ... - 

; : .„. ^as^g^d^^o?a^ £&?n<k $aic^mpje^^ $aid-originator 

key to form a first digital, signature: . <. , ^ 

s riun-;..-; ♦■r.'j: -n; u v * - 

v T .^^ f 9^P&^4 f ir ?^ ^S^,signature frpm.said first digital 'format to said 

10 second digital format; and , ; ;... JT , s. . 

returning said first digital signature in said second digital format as said 
pprti on of said, electronic message. ........... . .. r ;. \ , ;; 

22. A computer readable medium having stored therein one or more sequences 
of instructions for v«ifying : an : authenticated electronic, userid, : ,said one or more sequences 
15 of instructions causing one or ( more processors to perform a plurality of acts, the acts 
comprising: . . ?r ^ t . . 

receiving an electronic message from a remote user; v, :i 
extracting an originator identifier and a first adapted digital signature from 
said electronic message; „ . . . : _ : 
20 ■ * . . . . ^ . retrieving ap originator key. based,. on. said : originator . identifier, said 
originator key not being shared with said remqte .user; 

generating a second adapted digital signature, said second adapted digital 
signature based on at least said local userid and said originator key;. 

, . . . ppmparing said first adapted digital signature to said second adapted digital 
25 signature; 

accepting said, electronic message from said remote user if said first 
adapted digital signature and said second adapted digital signature match; and . . 

rejecting said electronic message from said remote user if said first adapted 
digital signature and said second adapted digital signature do not match. - 

30 23. The computer readable medium of claim 22, wherein said act of generating 

said second adapted digital signature comprises: 

hashing said originator key and a local userid with one "or more other 
identifiers to form a digital signature; and ; 
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r : converting said digftal signkture *»6m a first digital, format into a second 

digital foin^V'Smd^ $^n£ dig^ toimai ^eing said second 

adapted^gital^si^Wui^i 1 ^' ™ noir-13 - "i^-*'" b *' : - "- : -* : 

24. The computer readable medium of claim 22, wherein said act of generating 

performing an encryption function using said originator key and a local 
.userid With*ii^€* ftiore tStfier ^nfififeiW tor Jbrfo i^i^si^afe^ and 

converting said digital signature* 'fifo^i^a^firs^- digital format into* a second 
digital' ^^mat j ' , *aid- digital -st^tbre^ri-' itad" ' : ^c&iiS : digiiiV 'format being said second 
adapted digital signature. ^ "* 1 '"' : '" 

25. The computer readable medium G&titfiA 2% wherein said second adapted 
digital signature is further based on at least a portion of remote user information. „ 

-yi. r :26, ' Tile cd^ 

-* - , - comparing said originator identifier to a list of locar users; and : ^ 

rejecting said electronic message is if said originator identifier is riot found 
in said list of local -users. ' l °- - ac " ' f ^ ' • - * • - • 

27. A computer readable medium having stored therein one or more sequences 
; of .instructions for : creating ! an Authenticated electronicuserid, s'aid one or more sequences 
of instructions causing one or ' more processors to perform a plurality of acts, the acts 
comprising: - - - ' -l A ^ v - . r - 

receiving a request for said authenticated electronic userid; 
' * ' " retrieving an originator key, said originator 1 key corresponding to a local 
userid; 

> - generating an adapted-digital signature', said adapted digital signature based 
on said originator key, said local userid, and one or more other identifiers; 

concatenating said adapted digital signature with at least an originator 
identifier; and - 

returning a result of said act of concatenating as said authenticated 
electronic userid. 



* . 28. The computer readable medium of claim 27, wherein said act of generating 
said adapted digital signature comprises: 
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:j ... ■ ., ir ; - ... .hashing ^aid originator -key, ; ,said ; loe^ ( ;userid, and one or more other 

identifiers to^ :, n rr £ ; . ; . ,. -. v .;.v 

. . . -b 9 ?™^ second 
... : J?™% f ;?^ig«r4n u .said second; ^digital format befog- said adapted 

5 digital signature. rn..^:; ! ,ocl bhrz diiw , 

: . » •.■ :„;■:-.%. ^^^^P^Tb^S 8 ^?^) !9fjfiu}ifc'^ i $feiw:2^whereSi said:act of generating 
said second adapted digital signature comprises: : .^ :CfiT:w - u bk..-: .-. 

•■. " --'--ho Vt;..- ,t >8^?P?P&;^s^^# 0 9 &inctipn:LUSirig:,,said;.6riginator key, said local 
userid, and one or more-other identifiers to foim : |t-.4igita)'»signatui«;.and'--.'K:' - <;- 

i: 1 ?. ... If.; .:.. -^Y^^JS ^,digM $g&m*fom-&$tt digital format into a second 

digital format, said digital signature in said second digital; :format being said second 
adapted digital signature.; ... r .; ;: ... - w . 



j ■ - . i ... 



30. The computer readable medium of claim 27, wherein said second adapted 
digital, signature is further, based on at leasj a portion, of remote user information. 

15 3 L A computer readable medium having stored therein one or more sequences 

- : - - pfins^uctions.for filtering junk electronic mail r ?aid one or more sequences of instructions 
causing on? or more, processors to perform a plurality .of ;acts, the acts comprising: 
. receiving an electronicf message A from a remote user; " 

generating an adapted digital signature-based on ah originator identifier and 
20 remote user ; iirformation^om said electronic message and an originator key, said act of 
generating comprising: 

. v , hashing a local userid associated with said originator identifier, said remote 
user information and said originator key to form a digital signature;- : lt , '1 

transforming said digital signature from a first digital format to* a second 
2 5 digital format; and 

returning said digital signature in said second digital format as said adapted 
digital signature; 

comparing said adapted digital signature to a portion of said electronic 

message; 

30 • accepting said electronic message if said adapted digital signature and said 

portion of said electronic message match; and 

rejecting said electronic message if said adapted digital signature and said 
portion of said electronic message do not match. " 
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: , 32; / *; The compute ' reMible medium of Claim '31,' wherein said' electronic 
message is a reply to a first electronie-mes^g^^nr'^ifi kiocal ^ userid," said first 
electronic message iedmjta said portion of said 

. eleclxcpiq^hiessage coi^ 
5 associated with said local userid. ^v-.w:::? v. :i 

: . v :>£$Alz (The. &mjp(fcap*itito^ said" acts associated 

with said local userid comprise: uvrnco r?TL f :Siigfe i£ji2r.b " 3;.: ■ r,;:o ^ : :;<? 

. v ;:i ^--'ill^hihg^s^ite^^^id, ^^liSS^ n a^'&^W^tion and said originator 
key to form'a . first: digits sigfcattofc;^iol - r ^sPir^U ?.nl m ~ si™*, -ir- r,<u .fc:is-*u 

.AP. : ;; 'si ■■■^ tran^ormihg saidlfii'st digitdl signal digital format to said 

■ secpn4.digitd;fonna^^hd^ ^-'sr^t Tf ^/.^v* L: v *v*l v b mo- '<;n;r 

returning said first digital signature in said second digital form&'as said 
portion of said electronic message. 

v3Ar -Amethod^for creating M adapted digital : signatiire comprising: i 
15 - retrieving an originator key, said originator key corresponding to a local 

-i : =, userid; rr; \ i-v I rs u *.:d . j^s'.r- v ' - . '-^Y" - ' ' c -; 

r. : : : ' - ^ running a digitM-signafo'fe Engine to : crbate a digital ^Ignaiiirk, said digital 

signature based on at least said originator key : anfd reitiote user information; ' Pl ' ,J 

retrieving a f word tomia -woM : iisf;'said word corresponding to . at least a 
2.0; portion pf saididigital signature; and - - ^ , . . . * . . . . ^ 

' < *y : - i returning at least said^word as ; said adapted digital signature. " 

. , . 35. . •: The r method of claim. 34, further comprising performing a boolean function 
on said digital signature to Cf eate a modified digital signature, arid wherein said word is 
: : retrieved based upon said modified digital signature.- 

.25. - -36. . The method of claim 34, further comprising 

generating a number; and 

appending said number to said word to form said adapted digital signature. 

37. . The method of claim 34, further comprising concatenating said adapted 
digital signature with said local userid and a domain name. 

30 38. The method of claim 34, wherein running said digital signature engine 

includes 
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. . , ..^^n^^f^ oner^hash fugcjc^-sqid pn^vpy hash function using at 

" ; least 'sad ong|^^^ said remote, usej^^raiition, said, .one ? way~ hash function 
"genraatihga l^y^saad^d hash yaJu^Jbeing ^digital signature. iour 

'vii^ v.^ • .0- 1 :j i L b\*z aniad vdsv rfesri bis.-. b;: r . /.ruitv r. .v '\r.-vj$ c .• 

39. A method for verifying an adapted digital signature comprising: 

5 retrieving ^on^^rj^^^^^^^^n of address information; 

comprising: 

V,,. fa^^^ and a 

* second portion of address mformation: * • - \.. ; t . 

- -J^n-* ^!vr?%*^°$:^^ to said digital 

10 signature; " ' . \ . . 

returning'at least said vvordas^aid adapted digitaLsignature;;, :: 

. , - %r rrr (%i . , ; ^P^g^rdgQ^n Wl redress .information Jo said adapted digital 
' x sigha1ixre;^d ' 

accepting said electronic message if ;i said third portion of said: address 
15 information. and .said ^adf^ted.di^itfil ^ig^tpre i^^Il. . , - 

40. The .method r of daim . 3.9^iurthencomp - 

; . .... _ - . * e ^g r .^d firet address information t9 determine whether a 

local* user identified by said receiver information employs authenticated message server 
services; and , K . , ■ . 

2 0 accepting said electronic message if said; .loqaj -user; does ^not. employ said 

authenticated message server services. 

4}-. . method of claim 39, wherein said, second portion of said -address 
information includes a sender domain name and said first portion of .said address 
information includes a local userid. 

2 ^ 42 * .. The inethod of claim 39, wherein generating said adapted digital signature 

further comprises: 

creating a modified digital signature from said digital signature, said 
modified digital signature created with a boolean function, and wherein said word is 
retrieved from said word list based upon said modified digital signature; 

3 0 generating a number; and . _ 

appending said number to said word. r 
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, .= 43.-'- " The methotf of "39/ wherein creating said'di^ital signature includes 

' executing^ «ne^y^'BW : %te^ J S&rbn*^ iising ' at least said 

originator key- ^d : ^*d^ ? s^M ^rtibfc' Sf ^ l ^e^^f^^^ioii; siid one-way hash 
function generating a hash value, and said hash value being said digital signature. 

5 .f-'.i ?44pba ^ gR^d&'^^^i^kem^^^ig'r" §n V '" r ' T ~~ 
" rjsaawqflg ^uffi^gaf^^e^^e-'^e^C^safd "authientidated message server 

: • confrg^to T^6ve : art ifilx^d^Sie^iii^^s^eT^an au&enticated electronic userid 

cannot be verified, said inbound electronic rii^ 
•* .[{: u* ^';^d% : m^^ server; wherein 

10 said authenticated message server is configured to remove said~ inbound 

electronic- message' by performing^ oi-. : . ;. : ^ 

;i :'.„ ' r; : c> ^generafi^ Signature, sairfacf of generating comprising: 

creating a digital signature based on at least an originator key 'and a first 
. portion bf^ ' ~ : >: 

15 retrieving a wore! frbfii a word list; said worii corresponding to *said digital 

signature; and 

returning saicf word as^sai'd adapted digital signatoe; 
5 • : - r: ' :^ ; cbmpaWrig a second portion of address' information to said adapted digital 

r signature; &rid --"j i\C : u ' :r: - 'sr-':\ r .... : . > - • - ti ° l - 

20 rejecting said inbound electronic message if said second portion of said. 

LW. ad'<toe3s«iiiformation ahdsaiS 

45. The electronic message system of claim 44, "further comprising a mail 
exchanger coupted to said authenticated message 'server and configured to receive said 
- inbound electronic message. ' - ;r • - - * 

25 46. The electronic message system of claim 44, wherein said authenticated 

v message servef is configured to perform the act of parsing sender information and receiver 
information from said address information, said receiver information including a local 
userid and a second adapted digital signature. 

47. The electronic message system of claim 44, wherein creating said digital 
30 signature includes executing a one-way hash function, said one-way hash function using at 
least said originator key and a portion of said address information, said one-way hash 
function generating a hash value, and said hash value being said digital signature. 
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48, : .The electromci message system£o^ of generating 
said adapted-'dagitai sig£^^^er ; dc^ function on said 
digital sjgn^ire tq^gj £^$M4L^ is retrieved 
based on said modified digital signature. 

iC " .-^r:/- bic::4 :mrz s fai?js < '?0?> s T^nntsri ^rsrxi^hc zzhritrti'-'s 

49. The electronic message system ^of qlaim ^ wherein said authenticated 

message server is further configured to pcMrmWc acts^ofi 1 3 * iZ " ^ " 

; - - ^ saiffWota to ¥6im'§da : kdhf>t^d digital signature. 

;:^vrr;:?r;- i'^'X.'i ; : :*J :."-t ' 1::: ^ ^sv;/ hr^ .a » Sims* ^f/ist:^ ";i i ■ 
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AMENDED CLAIMS 

, [received by ; Ae International /Bureau on ^ ?:November:1999 (09.1 1.99); 
. original claim^ 

1 .1. .A-methodfofverif^^ 

2 receiving an electronic message from a remote user, 

3 extracting an originator identifier (608) and a first adapted digital signature (652) 

4 from said electronic message: £ - v ^ • . 

fro hjch rrn^r.t.^ o; fc3ii:£Lt'V..o :*.•»:.:-• ^ ■■■ ; -V-"' ■ - 

5 retrieving an originator key (610) basedpn s^d f qrigin^tor identifier (616), said 
6^ -9^^^ 

7 generating a second adapted digital signature (652), said second adapted digital 

8 signature (652) based on a local userid (608), said originator key (61 0), and 

9 one or more other identifiers, and wherein said local userid (608) corresponds 

10 to said originator identifier (608); 

1 1 comparing said first adapted digital signature (652) to said second adapted digital 

12 signature (652); 

13 accepting said electronic message from said remote user if said first adapted digital ^ 

14 signature (652) and said second adapted digital signature (652) match; and ^ 

15 rejecting said electronic message from said remote user if said first adapted digital 

16 signature (652) and said second adapted digital signature (652) do not match. * 

1 2. The method of claim 1, further comprising: 

2 comparing said originator identifier (608) to a list of local users (604); and 

3 rejecting said electronic message is if said originator identifier (608) does not match 

4 at least one local userid in said list of local users (604). 

1 3. The method of claim 1, wherein said electronic message is addressed to said 

2 authenticated electronic userid (644). 

1 4. A method for creating an authenticated electronic userid (644) comprising: 

2 receiving a request for said authenticated electronic userid (644); 

3 retrieving an originator key (610), said originator key (610) corresponding to a local 

4 userid (608); 
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5 . .. generating an adapted digital signature (652), said adapted digital signature (652) 

6 based on said originator key. (61 0), said local userid (608), and one or more 

7 other identifiers; - 

8 . . cpncatenating^saidMapted. digital signature {652) with, at least an originator identifier 

9 (608) corresponding to sajd^lp^al userid (608 _ , _ _ . . : 

10 , . . retailing a result qf. ^tpf cpncateii^ting as -said authenticate^ 

11 (644). , c?# ~. 

1 5. , . .^e^nx?thp f d r of r Qla^. 4, wharjem said, a?t oXconca.te|iating fc comprises concatenating 

2 said adapted digital signature (652), witb.siiid originator jdentifiej, (6Q8) and a domain name. . 

3 < 664 >- /v;J: C ^ , 

1 ' 6. The method of claim 1 or 4, whereig .said act of generating, said first or said second 

2 adapted digital signature (652) comprises: • t { , , „ t _„ . 

3 performing a. one-way. hash Action,. using r said originator key (610) ? a Jocal .userid 

4 (608), and remote user information (616) as inputs, to. form a digital signature 

5 (624); and 

6 converting said digital signature (f>24) from a first digital fprm^t into a second digital 

7 format, said- digital signature in said .second ^digital, fpnriat being s&id second 

8 adapted digital, signature (652). . . _ .... 

1 7. The method of claim Lor 4, wherein said act of generating said,first.or said second 

2 adapted digital signature (652) comprises: . . . , . ± 

3 performing ^n encryption function using said originator key (610), said local userid 

4 . (608), and remote user information. (6 16) to form, a digital signature (624); and 

5 converting said digital signature (624) from a first digital format into a second digital 

6 format, said digital signature in said second digital format being said second 

7 adapted digital signature (652). 

1 8. The method of claim 1 or 4, wherein said step of generating said first or said second 

2 adapted digital signature (652) comprises: 
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3 ' creating a digital signature (624), isaid digital signature (624 j b&seci on at least' said 

4 ' " : fi originator key (6l 6) 9 ' said local useri'd (608), ihd rtitibte usef information 

5 (616); 

6 retrieving a wbfa ^ 

7 least a portion of said dfgitaTsi 

8 ' ' : '* irlfiimmgra/ le^t : sif ^S^or^l^ J 6]R^ : f ^dTETre^ of r sal<l seeoiid adapfed digital Signature 

9 (652). [: '^ :) 

1 9. ^ "Thr^ bdiri^ on ' 

2 said digital Signature (624) t*o : create Wm8difi^d dilitaLl'sign^^ andSvhereih ; 4kid ^^tf ~ 

3 (656) is retrieved based upon said modified digital signature. ^ 

1 10/''' Theriietto^ : t 1 ™ : — - 

2 generating a number (660); and ^o?.; i . - .. ... . 

3 ; : ' Appending said number (660) tS Said word (656) to form -saud first or said'secbnd" c T ' t 

4 " " f adapted diiitii signature : (65i2): 1 :r - - ^ - j: - A £ . f 

1 11V : A method! for filtering electrorlic maSl/boifif3ri^mg: - S f --^ ^ 

2 " " : "ribtei viiig : aii etec&bnic 'rneskage ff oiri a rtrfiofe user, Said electronic* hiessage ^ | 

3 addressed to an authenticated eledtfbhib tiierid (644); " 1 ^ 

4 generating an adapted digital signature (652) based on information from said 

5 electronic message, s&idact of gfeneifctilig comprising: 

6 performing a one-way hash function that uses a local userid (608), remote user 

7 " c i ; information (61 6),*arid ah originator 

8 signature (624)', arid wherein said local userid (608) corresponds to an 

9 r originator identifier (608) from said electronic message; 

10 ~ transforming said digital signature (624) from a first digital format to a second 

11 v digital format; and 

12 returning said digital signature in said second digital format as said adapted 

13 digital signature (652); ' 

14 comparing said adapted digital signature (652) to a portion of said electronic message; 

15 accepting said electronic message if said adapted digital signature (652) and said 

16 portion of said electronic message match; and 
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17 , rejecting said electronic .message if said adapted digital signature (652) and said 

18 . pprtion of said electronic message do not ma;tch. ^ 

.•■.J'' :n jm;:;]^; r,.,/-: .err j ; f ^^rti vinous::* ;. 

1 12. The method of claim 1 1, wherein said electronic message is a reply to a first 

2 el^ctoonic .message sent from: a local.user, pid^ first r ele r ctrqg^c message comprising said 

3 originator identifier (608) and said adapted digital signature £6£2),, and wherein said portion 

4 of said electronic .ipessage r Qqmp^re4tp .jai^ad^ted. ^^j^^jgp^ure (652) ^generated by 

5 actg associated, with said local user. . ^ ^ 



1 13. The method of claim 1 1, wherein said step of tj^sfp^ng.said digital signature (624) 

2 frqmsaid^fir^t digital fqnnat to sai^ secpiid - - . 

3 retrieving a word (656) from a wpjd Iist (63,6)»,§.aid word (656). corresponding to at 

4 least a portion of said digital signature (624) in said first digital format; and 

5 returning at least said word (656) as said .digital sigpatui;e (624) in said second digital 

1 14. TTje.methQd of on 

2 said digital signature (624) to create a modified^digital signature,,a;nd \yherein said word 

3 (656) is retrieved based upon said modified digital signature. 

1 15. r The method of claim 13,. further comprising^ - . . ... 

2 generating a number (660); and 

3 appending said number (660) to said word (656) to form said first or said second 

4 ' . adapted digital signature (652). . . ^ f , r . ,. : f> 

1 16. A.me-thod for verifying an adapted. digital signature in an electronic message 

2 comprising: 

3 receiving an electronic message from a remote sender, 

4 retrieving an originator key (610) based on a first portion of said, electronic message, 

5 said first portion of said electronic message comprising receiver address 

6 information; 

7 generating an adapted digital signature (652), said act of generating comprising: 
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8 . " "* * creating "a digital'signatiire (624) biased tin at least' said originator key (610) 

9 and a second portion of siid'dectixmic message, said' second portion of 

10 said electronic message comprising remote sender address information 

11 ^ : " ;- <6i6y .^^^rnuin^^*- ' ^ ^rn7 M ^-.:V- 

12 " ' * l : ^Mevin^a W&rd X6f6f&6mk^6r^ liF(i^ 

13 to said digital signature (624); * 7 

14 ' : K ' r£1 - :: ^it^m£ atfe^^'^ (652); : : ' : 

1 5 comparing a third portion of said electronic message ftf said Adapted 'digital signature' - 

16 (652), said third portion of said electronic message also comprising receiver 

17 {> ~ [ - v ' i: add^s feforift^S^^" ^ ^ L ' h ' K fT:iS:ir ' " : ^ 

1 8 accepting said eletltbftib ni^sSage if iaid third pditfori of said dectronid rfiessage &ld 

19 : ' - ~ : 's^ „ ; ... 

1 17^ ^^The^method^tcliaim :f: ^" v ' ^ 

2 testing to determine whether a local user (608) corresponding to s£id first portion of 

3 said electronic message employs authenticated message server services; and 

4 n : f ' -abctepHttg; said det^oiiid : messdg^ i^said locif User (608) d&s riot etfttployslid 

5 ' ^ v iut&^Scaied^meskagd SeSrver 'sei^^V : " T ° ■'" ~" - in v f " ? " " 

1 18. The method of claim 16, wherein said remote sender address information (616) 

2 includes a sender domain name and said receiver address information includes a hem userid 

3 (608). " : " :: v ; v — 

1 19. The method of claim 16, wherein said step of generating said adapted digital signature 

2 (652) comprises: 

3 creating a modified digital signature from said digital signature (624), said modified 

4 digital signature created with a boolean function (628), and wherein said word 

5 (656) is retrieved from said word list (636) based upon said modified digital 

6 signature; . . . 

7 generating a number (660); and 

8 appending said number (660) to said word (656). 
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1 20. , . ^ The method of claim,16, >yherein creatiiig said digital signature (624) includes 

2 executing, a pne-way hash fiinction (620), .said one-way ^hash fimction .(£20) using at least said 

3 originator key (61 0), remote sender addressinformation (6 1 6^ and receiver address 

4 information, said one-way hash fonQtion ^620Xgeneratin^ .a hash value, said hash value being 

5 said digital signatqr? (624)^ ( „. tw ^> ^r* v 5 



1 21. A computer-readable medium having stored therein one or more sequences of 

2 instoctiojis conggured to cause^one p&more processors to perform the steps des^ribetd in any 

3 of the above method claims. . u t 

1 22. An electronic message system (100) comjmsinjp f , 

2 a computer (1 Q8) configured to run an electronic message server application; 

3 , a router; (1 12) coupled to said^computer (108}, said router (1 12) configured to forward 

4 a first electronic message from a local user (104), s^d first electronic message 

5 comprising a first authenticated electronic userid (644), and said router (112) 

6 ^further configured to receiye.a second electronic message from a reniote user . 

7 (132), said second electronic message comprising a second authenticated . 

8 electronic userid (644); and f : ^ 

9 a computer program stored in a memory device coupled to said electronic message 

10 _ system (100), $aid computer program cpnfigiu;ed to cause said electronic 

11 message system (100) to generate said first authenticated electronic userid 

12 , . , . (644) fpr said first electronic, message, said first authenticated electronic userid 

13 (644) having an adapted digital signature (652) and an originator identifier 

14 (608), and said computer program further configuredto cause said electronic 

15 message system ( 1 00) to filter said second electronic message if said 

16 electronic message system (100) cannot re-generate said adapted digital 

17 . signature (6 ...... 

1 52), based in part on envelope information associated with said second electronic 

2 message, and match said re-generated adapted digital signature (652) with a 

3 portion of said second authenticated electronic userid (644). 

1 23. The electronic message system (100) of claim 22,.wherein said computer program is 

2 further configured to generate said adapted digital signature (652) by: 
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3 creating" a digital signature (624) "said 'digital signature (624) based on said originator * 

4 ( 6 ! o), said local'iisend (608), and remote user information (6 1 6); 

5 retrieving a word (656)' from a worif list' (636), Said word (65%j cdrrespbridmg to at 

6 ' le^ a portion of ^ 

7 returning at least said word (656) as said first or said second'adapted* digital sT^atiire 

8 (652). 

1 24. ' 1 The electronic W&agV system \ i'C^ cbmputef prbgraih is' 

2 further configured to: ' 

3 extract an originator identifier (608) from said envelope information associated with 
4. said second electronic message;' ' - L v 1 *" - 

5 conipare'said originator identifier (608) to a list" of local userids (604); arid 

6 " ' reject said second electronic message if said originator identifier (608) does riot match 

7 <* at le^t oheTbc^ ' ^ 

1 25* " k An authenticate message'sefv^ to create jahd Verify an *• 

2 authenticated electfonic^userid (644);' ' -a 4 * — 

3 wherein creating said authenticated electronic userid (644) comprises: 

4 " e ~ receiving V request 1 for said authehtirated 

5 ' retrieving an original 

6 ; MbcM'iiserid (608); " £ - : / ' : \ - ^ ,r 

7 " " generating a first'adapted digital signature (652)",* said first' adapted digital 

8 " J signature (652) b Eased on said originator key (610), said local userid 

9 (608), and one or more other identifiers; ' 

10 concatenating said first adapted digital sigjiatufej (652) with at least an 

11 originator identifier (608); aiid 

12 returning a result of said step of concatenating as said authenticated electronic 

13 userid (644); and 

14 " wherein verifying said iauthenticated electronic userid (644) comprises: 

15 receiving an electronic message from a remote user (132), said electronic 

16 message comprising said authenticated electronic userid (644); 

17 extracting said originator identifier (608) and first adapted digital signature 

18 (652) from said authenticated electronic userid (644); 



BNSDOCID: <WO 0010268A1_I_> 



AMENDED SHEET (ARTICLE 19) 



' • .,- WO 00^0288 : . ? .,PCT/US99/17285 

36 

19 remeyin^s^dorig^tprkey (6 lD).b^edpn^said.origi^tor identifier (608); 

generating a .second adapted^digi^.sigMture^652), said second adapted • 
..... . ? .<|?«^ stature ; (65,2) b^ed o,ns;3jdj?rigmator key (610), said 

..... 9^@^^M^^^A^?)*M^9^fxmorsQihcciiea^nen; 

23 comparing said first adapted digital signature (652) to said second adapted 

24 . ... digital .signature (652); . ..... 

accepting said, electronic message frpixi said remote user (132) if said first 

r /•,.;,-- .V;- :r ^.•v^EMI1%S f.^^il^^f?? d / S M d . sec P nd .^PM'djM^v 

27 signature (652) match; and . 

28 rejecting said electronic message from said remote user (132) if said first 

,_...-.„,,., lV -v- .r '^P^-^S^ signature (652) and said. secpnd. adapted, digital • 
# ^ signature (652) dp .pot match.;, 



20 
21 
22 



25 
26 



29 
30 



1 26. The authenticated message server ( 1 1 6) of claim 25, wherein said acts of generating •-. 

2 said first adapted digital signature (652) and said second adapted digital signature (652) 

3 comprises: 

4 performing an encryption function using said originator key (610), said local userid 
(608), and remote user information (616) to form a digital signature (624); and 

converting said digital signature ..(624) from a first digital format into a second digital 
format, said digital signature in said second digital.format .being said second 
8 adapted digital signature (652). 

1 27. The authenticated message server (1 1.6) of claim 25 , wherein said act of generating . 

2 said first adapted digital signature (652). and said second adapted digital signature (652) 

3 comprises: 

4 performing, a one : way hash function, using said originator key (6 1 0) and said local 

5 userid (608), and remote user information (6 16) as inputs, to form a digital 

6 signature (624); and 

7 converting said digital signature (624) from a first digital format into a second digital 

8 format, said digital signature in said second digital format being said second 

9 adapted digital signature (652). 
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1 28. The'authenticStfed message server (1 16) of claim 25; wherein 'said act of generating 

2 said adapted digital Si^tikture (652yfttffliir comprises the stieps of: ' " 

3 creating f a%^ si^n^fe t<S24)^iiased on at least said 

4 < r * r:R onjg^ user information 

6 retrieving a word (656) from a word list t^^V* saffiwT&X65$ corresponding to at 

8 ittffiin^ &S ^craS^pted digital signature 

9 (652). bnt:rf^(:c6)^;^:a 

::jv'. :>-.j;-/:i !t,-,j 07c-:n bau ^ca rj;.;r.^n r Larries*;- 

1 29. The autheiiticareH riiSssa££ s£$tbi (f 16)' 6f : 6ldam ^/fui^her'configiired to perform the 

2 acts of executing a boolean operation (628) on said digital sigriaftire (624) to create a 

3 modified digital signature, and wherein said word (656) is retrieved based upon said modified 

4 digi^signature; ; : ''••' v,! '' J:? "" ^ ' ' 

1 30. The authenticated message server ( 1 1 6) of claim 28, further configured to perforni the 

2 act*of: - '* < — ■ • * - : V~ ^V*"'- :"0-v r.o: ' ^ J ^ * 

3 :l generatingM%iimber X660); iid ... ^ e . 

4 :£i ^ appending said hurriber (660)~to said W6rd (656) to form said first or said second 

5 " : adapted digital signature (652). " ;i j - ' * ' " 1 ^ 

1 31. The authenticated message server (1 16) of claim 25, wherein said act of verifying said 

2 authenticated electronic 'taerid (644) further comprises: 

3 extracting said originator identifier (608) from said envelope- information associated 

4 with said electronic message; 

5 comparing said originator identifier (608) to a list of local userids (604); and 

6 rejecting said electronic message if said originator identifier does not match at least 

7 one local userid in said list of local userids. 

1 32. ' A electronic message system (200) comprising: 

2 an authenticated message server (212), said authenticated message server (212) 

3 configured to filter an inbound electronic message if an authenticated 
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4 , . .. electronic userid (644) cannot be verified, said, inbound elec^oiucpessage 

5 including address information; ... r r . - > v - w 

6 and a mail host (212) coupled to said authenticated message server (212); wherein 

7 _ . said^then^ filter, said .inbound electronic 

8 message by performing, 0ie : actf;of; -. r ;.. <%4 . .^ ; ^..^%. tco: ,.f 3:Ti z: .Z x V; 

9 generating an adapted digital signature (652^^ acst .of, graj^^ting-- 

10 ^. ? .:;rso b^c^^ffiBP^ -r (o^-; fete'* Ms* r r0&u ;-;dr :a bba snih^cq- 

1 1 creating a digital signature (624) based on at least axi^riginator key 

12 (610) and a first portion of said address information; 

13 retrieving a word (656) from a word list (636), said word (656) 

14 corresponding to said digital signature (624); and 

15 returning said word (656) as at least a portion of said adapted digital 

16 signature (652); 

17 comparing a second portion of address information to said adapted digital 

18 signature (652); and 

19 rejecting said inbound electronic message if said second portion of said 

20 address information and said adapted digital signature (652) do not 

21 match. 

1 33. The electronic message system (200) of claim 32, wherein said authenticated message 

2 server (212) is configured to perform the act of parsing sender information and receiver 

3 information from said address information, said receiver information including an originator 

4 identifier (608), a second adapted digital signature (652), and said sender information 

5 including remote user information (616). 

1 34. The electronic message system (200) of claim 32, wherein creating said digital 

2 signature (624) includes executing a one-way hash function (620), said one-way hash 

3 function (620) using at least said originator key (610) and a portion of said address 

4 information, said one-way hash function (620) generating a hash value, and said hash value 

5 being said digital signature (624). 

1 35. The electronic message system (200) of claim 32, wherein said act of generating said 

2 adapted digital signature (652) further comprises performing a boolean function (628) on said 
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3 digital signature (624) to create a modified digital signature, arid wherein said word (656) is 

4 retrieved based on said modified digital signature. : ' : ; - : 1 c - - * T 

1 36. Theelectonic md&ag£^ 

2 server (212) is further configured to perfoiOT&S?ibtS^^ :,nr;i3n; ^ * c f S : 

4 appending said number (660) to said word (656) to fdftn'said adapted digital signature 

4 »t 4 -'l:r- :rr^ w.-r Lh >zh:z lc noincq rri: s can (Of?*) 



- i * ■ if 



z :.iv* 
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